mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-26 10:06:13 +01:00
74 lines
1.8 KiB
Nix
74 lines
1.8 KiB
Nix
|
# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
|
||
|
#
|
||
|
# SPDX-License-Identifier: LGPL-3.0-or-later
|
||
|
{ inputs, lib, config, ... }:
|
||
|
let
|
||
|
inherit (lib)
|
||
|
flip
|
||
|
mapAttrs
|
||
|
singleton;
|
||
|
|
||
|
config' = config;
|
||
|
in
|
||
|
{
|
||
|
flake.nixosConfigurations.blowhole = inputs.nixpkgs.lib.nixosSystem {
|
||
|
system = "x86_64-linux";
|
||
|
|
||
|
specialArgs = {
|
||
|
config' = config';
|
||
|
inputs' = inputs;
|
||
|
secret =
|
||
|
if builtins.pathExists "${inputs.secret}/default.nix" then
|
||
|
import inputs.secret { inherit lib; }
|
||
|
else
|
||
|
{};
|
||
|
};
|
||
|
|
||
|
modules = singleton
|
||
|
({ pkgs, config, ... }:
|
||
|
{
|
||
|
imports = [
|
||
|
./bind.nix
|
||
|
./consul.nix
|
||
|
./filesystems.nix
|
||
|
./firewall.nix
|
||
|
./grub.nix
|
||
|
./hardware.nix
|
||
|
./hostapd.nix
|
||
|
./ical2org.nix
|
||
|
./klipper.nix
|
||
|
./monitoring.nix
|
||
|
./nas.nix
|
||
|
./networking.nix
|
||
|
./nfs.nix
|
||
|
./nomad.nix
|
||
|
./uterranix.nix
|
||
|
./vault-agent.nix
|
||
|
./vault.nix
|
||
|
./watchdog.nix
|
||
|
./nixpkgs.nix
|
||
|
./users.nix
|
||
|
../../common/remote_access.nix
|
||
|
inputs.serokell-nix.nixosModules.acme-sh
|
||
|
config'.flake.nixosModules.hashicorp
|
||
|
config'.flake.nixosModules.hashicorp-envoy
|
||
|
config'.flake.nixosModules.telegraf
|
||
|
config'.flake.nixosModules.grafana
|
||
|
];
|
||
|
|
||
|
_module.args.nixinate = {
|
||
|
host = "blowhole.hosts.in.redalder.org";
|
||
|
sshUser = "main";
|
||
|
buildOn = "local";
|
||
|
substituteOnTarget = true;
|
||
|
hermetic = false;
|
||
|
nixOptions = [
|
||
|
"--override-input secret path://$HOME/dotfiles/secret"
|
||
|
];
|
||
|
};
|
||
|
|
||
|
system.stateVersion = "21.05";
|
||
|
});
|
||
|
};
|
||
|
}
|